Incident Responder – Amsterdam (Hybrid)
My client, a leading organisation in the financial services space, is seeking an experienced Incident Responder to join their security team in Amsterdam. This individual will act as the main escalation point between 1st line analysts and an outsourced SOC provider, playing a pivotal role in ensuring incidents are investigated, contained, and resolved effectively.
Key Responsibilities:
- Serve as the escalation point for incidents raised by 1st line analysts and the SOC.
- Lead investigations into complex security events, providing detailed analysis and clear remediation steps.
- Collaborate with both internal teams and the SOC partner to manage containment and recovery.
- Perform log analysis using SIEM platforms (Splunk, QRadar, Sentinel, or similar).
- Lead triage and response activities, including malware analysis, phishing investigations, and insider threat detection.
- Coordinate with SOC and internal stakeholders to contain and remediate threats.
- Contribute to and improve IR playbooks, threat hunting procedures, and incident post-mortems.
- Deliver timely, concise communication to stakeholders during and after incidents.
Candidate Profile:
- Strong background in incident response, with prior experience as a senior escalation point.
- Previous experience within financial services or cryptocurrency environments is highly advantageous.
- Familiarity with SOC operations and escalation procedures.
- Confident communicator, able to bridge the gap between technical teams and business stakeholders.
- Must be based in the Netherlands and able to work 2 days per week onsite in Amsterdam.
Additional Information:
- Visa sponsorship is not available for this position.